<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">

<title>module OpenSSL::KDF - openssl: Ruby Standard Library Documentation</title>


<script src="../js/navigation.js" defer></script>
<script src="../js/search.js" defer></script>
<script src="../js/search_index.js" defer></script>
<script src="../js/searcher.js" defer></script>
<script src="../js/darkfish.js" defer></script>

<script src="../js/jquery-3.2.0.min.js"></script>

<script src="../js/vue.min.js"></script>
<script src="../js/js.cookie.min.js"></script>

<link href="../css/fonts.css" rel="stylesheet">
<link id='rdoccss' href="../css/rdoc.css" rel="stylesheet">
<link href="../css/carbon17.css" rel="stylesheet">

<script type="text/javascript">
  var rdoc_rel_prefix = "../";
  var index_rel_prefix = "../";
  var darkModeCsseHref = "../css/rdoc-dm.css"
  var defaultModeCssHref = "../css/rdoc.css"
  // var cssDarkmode = Cookies.get('darkmode');
  
  if( Cookies.get("darkmode") == "true") {
	$('#rdoccss').attr("href", darkModeCsseHref);
}

//  https://cssdeck.com/blog/simple-jquery-stylesheet-switcher/

document.write('<style type="text/css">body{display:none}</style>');

</script>


</head>
<body id="top" role="document" class="module">
  <!-- this is class.html -->

  <div id='actionbar' >
    <div class='wrapper mdiv'>
      <ul class='grids g0'></ul>
    </div> 
    <!-- VERSION HEADER for 3.3.0.preview2 NOT FOUND -->
  </div> <!-- end action bar -->

  <div class='wrapper hdiv'>

    


    <nav id='vapp' role="navigation">
    <div id="project-navigation">
      <div id="home-section" role="region" title="Quick navigation" class="nav-section">
  <h2><a href="../index.html" rel="home">Home</a></h2>

  <div id="table-of-contents-navigation"  >
    <a href="../table_of_contents.html#pages">Pages</a>
    <a href="../table_of_contents.html#classes">Classes</a>
    <a href="../table_of_contents.html#methods">Methods</a>
  </div>
</div>

      <div id="search-section" role="search" class="project-section initially-hidden">
  <form action="#" method="get" accept-charset="utf-8">
    <div id="search-field-wrapper">
      <input id="search-field" role="combobox" aria-label="Search"
             aria-autocomplete="list" aria-controls="search-results"
             type="text" name="search" placeholder="Search" spellcheck="false"
             title="Type to search, Up and Down to navigate, Enter to load">
    </div>

    <ul id="search-results" aria-label="Search Results"
        aria-busy="false" aria-expanded="false"
        aria-atomic="false" class="initially-hidden"></ul>
  </form>
</div>

    </div>


    
<div class="nav-section">
  <h3>Table of Contents</h3>

  <ul class="link-list" role="directory">
    <li><a href="#module-OpenSSL::KDF-label-Examples">Examples</a>
    <li><a href="#module-OpenSSL::KDF-label-Generating+a+128+bit+key+for+a+Cipher+-28e.g.+AES-29">Generating a 128 bit key for a Cipher (e.g. AES)</a>
    <li><a href="#module-OpenSSL::KDF-label-Storing+Passwords">Storing Passwords</a>
    <li><a href="#module-OpenSSL::KDF-label-Important+Note+on+Checking+Passwords">Important Note on Checking Passwords</a>
  </ul>
</div>


    <button id='toggleThing' @click="toggleNav()" >Show/hide navigation</button>
    <div :class="isOpen ? 'block' : 'hidden' " id='toggleMe'>
      <div id="class-metadata">
        
        
        
        
        
<!-- Method Quickref -->
<div id="method-list-section" class="nav-section">
  <h3>Methods</h3>

  <ul class="link-list" role="directory">
    <li ><a href="#method-c-hkdf">::hkdf</a>
    <li ><a href="#method-c-pbkdf2_hmac">::pbkdf2_hmac</a>
    <li ><a href="#method-c-scrypt">::scrypt</a>
  </ul>
</div>

      </div>
     </div>
    </nav>


    <div id='extraz'><div class='adzbox-index'  >
      
     </div>         
    </div>

    <main role="main" aria-labelledby="module-OpenSSL::KDF">
    <h1 id="module-OpenSSL::KDF" class="module">
      module OpenSSL::KDF
    </h1>

    <section class="description">
    
<p>Provides functionality of various KDFs (key derivation function).</p>

<p><a href="KDF.html"><code>KDF</code></a> is typically used for securely deriving arbitrary length symmetric keys to be used with an <a href="Cipher.html"><code>OpenSSL::Cipher</code></a> from passwords. Another use case is for storing passwords: Due to the ability to tweak the effort of computation by increasing the iteration count, computation can be slowed down artificially in order to render possible attacks infeasible.</p>

<p>Currently, <a href="KDF.html"><code>OpenSSL::KDF</code></a> provides implementations for the following KDF:</p>
<ul><li>
<p>PKCS #5 PBKDF2 (Password-Based Key Derivation Function 2) in combination with <a href="HMAC.html"><code>HMAC</code></a></p>
</li><li>
<p>scrypt</p>
</li><li>
<p>HKDF</p>
</li></ul>

<h2 id="module-OpenSSL::KDF-label-Examples">Examples<span><a href="#module-OpenSSL::KDF-label-Examples">&para;</a> <a href="#top">&uarr;</a></span></h2>

<h3 id="module-OpenSSL::KDF-label-Generating+a+128+bit+key+for+a+Cipher+-28e.g.+AES-29">Generating a 128 bit key for a <a href="Cipher.html"><code>Cipher</code></a> (e.g. AES)<span><a href="#module-OpenSSL::KDF-label-Generating+a+128+bit+key+for+a+Cipher+-28e.g.+AES-29">&para;</a> <a href="#top">&uarr;</a></span></h3>

<pre class="ruby"><span class="ruby-identifier">pass</span> = <span class="ruby-string">&quot;secret&quot;</span>
<span class="ruby-identifier">salt</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">Random</span>.<span class="ruby-identifier">random_bytes</span>(<span class="ruby-value">16</span>)
<span class="ruby-identifier">iter</span> = <span class="ruby-value">20_000</span>
<span class="ruby-identifier">key_len</span> = <span class="ruby-value">16</span>
<span class="ruby-identifier">key</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">KDF</span>.<span class="ruby-identifier">pbkdf2_hmac</span>(<span class="ruby-identifier">pass</span>, <span class="ruby-value">salt:</span> <span class="ruby-identifier">salt</span>, <span class="ruby-value">iterations:</span> <span class="ruby-identifier">iter</span>,
                               <span class="ruby-value">length:</span> <span class="ruby-identifier">key_len</span>, <span class="ruby-value">hash:</span> <span class="ruby-string">&quot;sha1&quot;</span>)
</pre>

<h3 id="module-OpenSSL::KDF-label-Storing+Passwords">Storing Passwords<span><a href="#module-OpenSSL::KDF-label-Storing+Passwords">&para;</a> <a href="#top">&uarr;</a></span></h3>

<pre class="ruby"><span class="ruby-identifier">pass</span> = <span class="ruby-string">&quot;secret&quot;</span>
<span class="ruby-comment"># store this with the generated value</span>
<span class="ruby-identifier">salt</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">Random</span>.<span class="ruby-identifier">random_bytes</span>(<span class="ruby-value">16</span>)
<span class="ruby-identifier">iter</span> = <span class="ruby-value">20_000</span>
<span class="ruby-identifier">hash</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">Digest</span>.<span class="ruby-identifier">new</span>(<span class="ruby-string">&#39;SHA256&#39;</span>)
<span class="ruby-identifier">len</span> = <span class="ruby-identifier">hash</span>.<span class="ruby-identifier">digest_length</span>
<span class="ruby-comment"># the final value to be stored</span>
<span class="ruby-identifier">value</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">KDF</span>.<span class="ruby-identifier">pbkdf2_hmac</span>(<span class="ruby-identifier">pass</span>, <span class="ruby-value">salt:</span> <span class="ruby-identifier">salt</span>, <span class="ruby-value">iterations:</span> <span class="ruby-identifier">iter</span>,
                                 <span class="ruby-value">length:</span> <span class="ruby-identifier">len</span>, <span class="ruby-value">hash:</span> <span class="ruby-identifier">hash</span>)
</pre>

<h2 id="module-OpenSSL::KDF-label-Important+Note+on+Checking+Passwords">Important Note on Checking Passwords<span><a href="#module-OpenSSL::KDF-label-Important+Note+on+Checking+Passwords">&para;</a> <a href="#top">&uarr;</a></span></h2>

<p>When comparing passwords provided by the user with previously stored values, a common mistake made is comparing the two values using “==”. Typically, “==” short-circuits on evaluation, and is therefore vulnerable to timing attacks. The proper way is to use a method that always takes the same amount of time when comparing two values, thus not leaking any information to potential attackers. To do this, use <code>OpenSSL.fixed_length_secure_compare</code>.</p>

    </section>

      <section id="5Buntitled-5D" class="documentation-section">





                <section id="public-class-5Buntitled-5D-method-details" class="method-section">
                <header>
                <h3>Public Class Methods</h3>
                </header>

                  <div id="method-c-hkdf" class="method-detail ">
                      <div class="method-heading">
                        <span class="method-callseq">
                          hkdf(ikm, salt:, info:, length:, hash:) &rarr; String
                              </span>
                              <span class="method-click-advice">click to toggle source</span>
                            </div>

                            <div class="method-description">
                              <p>HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as specified in <a href="https://tools.ietf.org/html/rfc5869">RFC 5869</a>.</p>

<p>New in <a href="../OpenSSL.html"><code>OpenSSL</code></a> 1.1.0.</p>

<h3 id="method-c-hkdf-label-Parameters">Parameters<span><a href="#method-c-hkdf-label-Parameters">&para;</a> <a href="#top">&uarr;</a></span></h3>
<dl class="rdoc-list note-list"><dt><em>ikm</em>
<dd>
<p>The input keying material.</p>
</dd><dt><em>salt</em>
<dd>
<p>The salt.</p>
</dd><dt><em>info</em>
<dd>
<p>The context and application specific information.</p>
</dd><dt><em>length</em>
<dd>
<p>The output length in octets. Must be &lt;= <code>255 * HashLen</code>, where HashLen is the length of the hash function output in octets.</p>
</dd><dt><em>hash</em>
<dd>
<p>The hash function.</p>
</dd></dl>

<h3 id="method-c-hkdf-label-Example">Example<span><a href="#method-c-hkdf-label-Example">&para;</a> <a href="#top">&uarr;</a></span></h3>

<pre class="ruby"><span class="ruby-comment"># The values from https://datatracker.ietf.org/doc/html/rfc5869#appendix-A.1</span>
<span class="ruby-identifier">ikm</span> = [<span class="ruby-string">&quot;0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b&quot;</span>].<span class="ruby-identifier">pack</span>(<span class="ruby-string">&quot;H*&quot;</span>)
<span class="ruby-identifier">salt</span> = [<span class="ruby-string">&quot;000102030405060708090a0b0c&quot;</span>].<span class="ruby-identifier">pack</span>(<span class="ruby-string">&quot;H*&quot;</span>)
<span class="ruby-identifier">info</span> = [<span class="ruby-string">&quot;f0f1f2f3f4f5f6f7f8f9&quot;</span>].<span class="ruby-identifier">pack</span>(<span class="ruby-string">&quot;H*&quot;</span>)
<span class="ruby-identifier">p</span> <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">KDF</span>.<span class="ruby-identifier">hkdf</span>(<span class="ruby-identifier">ikm</span>, <span class="ruby-value">salt:</span> <span class="ruby-identifier">salt</span>, <span class="ruby-value">info:</span> <span class="ruby-identifier">info</span>, <span class="ruby-value">length:</span> <span class="ruby-value">42</span>, <span class="ruby-value">hash:</span> <span class="ruby-string">&quot;SHA256&quot;</span>).<span class="ruby-identifier">unpack1</span>(<span class="ruby-string">&quot;H*&quot;</span>)
<span class="ruby-comment"># =&gt; &quot;3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865&quot;</span>
</pre>

                              <div class="method-source-code" id="hkdf-source">
            <pre>static VALUE
kdf_hkdf(int argc, VALUE *argv, VALUE self)
{
    VALUE ikm, salt, info, opts, kwargs[4], str;
    static ID kwargs_ids[4];
    int saltlen, ikmlen, infolen;
    size_t len;
    const EVP_MD *md;
    EVP_PKEY_CTX *pctx;

    if (!kwargs_ids[0]) {
        kwargs_ids[0] = rb_intern_const(&quot;salt&quot;);
        kwargs_ids[1] = rb_intern_const(&quot;info&quot;);
        kwargs_ids[2] = rb_intern_const(&quot;length&quot;);
        kwargs_ids[3] = rb_intern_const(&quot;hash&quot;);
    }
    rb_scan_args(argc, argv, &quot;1:&quot;, &amp;ikm, &amp;opts);
    rb_get_kwargs(opts, kwargs_ids, 4, 0, kwargs);

    StringValue(ikm);
    ikmlen = RSTRING_LENINT(ikm);
    salt = StringValue(kwargs[0]);
    saltlen = RSTRING_LENINT(salt);
    info = StringValue(kwargs[1]);
    infolen = RSTRING_LENINT(info);
    len = (size_t)NUM2LONG(kwargs[2]);
    if (len &gt; LONG_MAX)
        rb_raise(rb_eArgError, &quot;length must be non-negative&quot;);
    md = ossl_evp_get_digestbyname(kwargs[3]);

    str = rb_str_new(NULL, (long)len);
    pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
    if (!pctx)
        ossl_raise(eKDF, &quot;EVP_PKEY_CTX_new_id&quot;);
    if (EVP_PKEY_derive_init(pctx) &lt;= 0) {
        EVP_PKEY_CTX_free(pctx);
        ossl_raise(eKDF, &quot;EVP_PKEY_derive_init&quot;);
    }
    if (EVP_PKEY_CTX_set_hkdf_md(pctx, md) &lt;= 0) {
        EVP_PKEY_CTX_free(pctx);
        ossl_raise(eKDF, &quot;EVP_PKEY_CTX_set_hkdf_md&quot;);
    }
    if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, (unsigned char *)RSTRING_PTR(salt),
                                    saltlen) &lt;= 0) {
        EVP_PKEY_CTX_free(pctx);
        ossl_raise(eKDF, &quot;EVP_PKEY_CTX_set_hkdf_salt&quot;);
    }
    if (EVP_PKEY_CTX_set1_hkdf_key(pctx, (unsigned char *)RSTRING_PTR(ikm),
                                   ikmlen) &lt;= 0) {
        EVP_PKEY_CTX_free(pctx);
        ossl_raise(eKDF, &quot;EVP_PKEY_CTX_set_hkdf_key&quot;);
    }
    if (EVP_PKEY_CTX_add1_hkdf_info(pctx, (unsigned char *)RSTRING_PTR(info),
                                    infolen) &lt;= 0) {
        EVP_PKEY_CTX_free(pctx);
        ossl_raise(eKDF, &quot;EVP_PKEY_CTX_set_hkdf_info&quot;);
    }
    if (EVP_PKEY_derive(pctx, (unsigned char *)RSTRING_PTR(str), &amp;len) &lt;= 0) {
        EVP_PKEY_CTX_free(pctx);
        ossl_raise(eKDF, &quot;EVP_PKEY_derive&quot;);
    }
    rb_str_set_len(str, (long)len);
    EVP_PKEY_CTX_free(pctx);

    return str;
}</pre>
                              </div>
                            </div>


                          </div>

                  <div id="method-c-pbkdf2_hmac" class="method-detail ">
                      <div class="method-heading">
                        <span class="method-callseq">
                          pbkdf2_hmac(pass, salt:, iterations:, length:, hash:) &rarr; aString
                              </span>
                              <span class="method-click-advice">click to toggle source</span>
                            </div>

                            <div class="method-description">
                              <p>PKCS #5 PBKDF2 (Password-Based Key Derivation Function 2) in combination with <a href="HMAC.html"><code>HMAC</code></a>. Takes <em>pass</em>, <em>salt</em> and <em>iterations</em>, and then derives a key of <em>length</em> bytes.</p>

<p>For more information about PBKDF2, see RFC 2898 Section 5.2 (<a href="https://tools.ietf.org/html/rfc2898#section-5.2">tools.ietf.org/html/rfc2898#section-5.2</a>).</p>

<h3 id="method-c-pbkdf2_hmac-label-Parameters">Parameters<span><a href="#method-c-pbkdf2_hmac-label-Parameters">&para;</a> <a href="#top">&uarr;</a></span></h3>
<dl class="rdoc-list note-list"><dt>pass       
<dd>
<p>The password.</p>
</dd><dt>salt       
<dd>
<p>The salt. Salts prevent attacks based on dictionaries of common passwords and attacks based on rainbow tables. It is a public value that can be safely stored along with the password (e.g. if the derived value is used for password storage).</p>
</dd><dt>iterations 
<dd>
<p>The iteration count. This provides the ability to tune the algorithm. It is better to use the highest count possible for the maximum resistance to brute-force attacks.</p>
</dd><dt>length     
<dd>
<p>The desired length of the derived key in octets.</p>
</dd><dt>hash       
<dd>
<p>The hash algorithm used with <a href="HMAC.html"><code>HMAC</code></a> for the PRF. May be a String representing the algorithm name, or an instance of <a href="Digest.html"><code>OpenSSL::Digest</code></a>.</p>
</dd></dl>

                              <div class="method-source-code" id="pbkdf2_hmac-source">
            <pre>static VALUE
kdf_pbkdf2_hmac(int argc, VALUE *argv, VALUE self)
{
    VALUE pass, salt, opts, kwargs[4], str;
    static ID kwargs_ids[4];
    int iters, len;
    const EVP_MD *md;

    if (!kwargs_ids[0]) {
        kwargs_ids[0] = rb_intern_const(&quot;salt&quot;);
        kwargs_ids[1] = rb_intern_const(&quot;iterations&quot;);
        kwargs_ids[2] = rb_intern_const(&quot;length&quot;);
        kwargs_ids[3] = rb_intern_const(&quot;hash&quot;);
    }
    rb_scan_args(argc, argv, &quot;1:&quot;, &amp;pass, &amp;opts);
    rb_get_kwargs(opts, kwargs_ids, 4, 0, kwargs);

    StringValue(pass);
    salt = StringValue(kwargs[0]);
    iters = NUM2INT(kwargs[1]);
    len = NUM2INT(kwargs[2]);
    md = ossl_evp_get_digestbyname(kwargs[3]);

    str = rb_str_new(0, len);
    if (!PKCS5_PBKDF2_HMAC(RSTRING_PTR(pass), RSTRING_LENINT(pass),
                           (unsigned char *)RSTRING_PTR(salt),
                           RSTRING_LENINT(salt), iters, md, len,
                           (unsigned char *)RSTRING_PTR(str)))
        ossl_raise(eKDF, &quot;PKCS5_PBKDF2_HMAC&quot;);

    return str;
}</pre>
                              </div>
                            </div>


                          </div>

                  <div id="method-c-scrypt" class="method-detail ">
                      <div class="method-heading">
                        <span class="method-callseq">
                          scrypt(pass, salt:, N:, r:, p:, length:) &rarr; aString
                              </span>
                              <span class="method-click-advice">click to toggle source</span>
                            </div>

                            <div class="method-description">
                              <p>Derives a key from <em>pass</em> using given parameters with the scrypt password-based key derivation function. The result can be used for password storage.</p>

<p>scrypt is designed to be memory-hard and more secure against brute-force attacks using custom hardwares than alternative KDFs such as PBKDF2 or bcrypt.</p>

<p>The keyword arguments <em>N</em>, <em>r</em> and <em>p</em> can be used to tune scrypt. RFC 7914 (published on 2016-08, <a href="https://tools.ietf.org/html/rfc7914#section-2">tools.ietf.org/html/rfc7914#section-2</a>) states that using values r=8 and p=1 appears to yield good results.</p>

<p>See RFC 7914 (<a href="https://tools.ietf.org/html/rfc7914">tools.ietf.org/html/rfc7914</a>) for more information.</p>

<h3 id="method-c-scrypt-label-Parameters">Parameters<span><a href="#method-c-scrypt-label-Parameters">&para;</a> <a href="#top">&uarr;</a></span></h3>
<dl class="rdoc-list note-list"><dt>pass   
<dd>
<p>Passphrase.</p>
</dd><dt>salt   
<dd>
<p>Salt.</p>
</dd><dt>N      
<dd>
<p>CPU/memory cost parameter. This must be a power of 2.</p>
</dd><dt>r      
<dd>
<p>Block size parameter.</p>
</dd><dt>p      
<dd>
<p>Parallelization parameter.</p>
</dd><dt>length 
<dd>
<p>Length in octets of the derived key.</p>
</dd></dl>

<h3 id="method-c-scrypt-label-Example">Example<span><a href="#method-c-scrypt-label-Example">&para;</a> <a href="#top">&uarr;</a></span></h3>

<pre class="ruby"><span class="ruby-identifier">pass</span> = <span class="ruby-string">&quot;password&quot;</span>
<span class="ruby-identifier">salt</span> = <span class="ruby-constant">SecureRandom</span>.<span class="ruby-identifier">random_bytes</span>(<span class="ruby-value">16</span>)
<span class="ruby-identifier">dk</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">KDF</span>.<span class="ruby-identifier">scrypt</span>(<span class="ruby-identifier">pass</span>, <span class="ruby-value">salt:</span> <span class="ruby-identifier">salt</span>, <span class="ruby-value">N:</span> <span class="ruby-value">2</span><span class="ruby-operator">**</span><span class="ruby-value">14</span>, <span class="ruby-value">r:</span> <span class="ruby-value">8</span>, <span class="ruby-value">p:</span> <span class="ruby-value">1</span>, <span class="ruby-value">length:</span> <span class="ruby-value">32</span>)
<span class="ruby-identifier">p</span> <span class="ruby-identifier">dk</span> <span class="ruby-comment">#=&gt; &quot;\xDA\xE4\xE2...\x7F\xA1\x01T&quot;</span>
</pre>

                              <div class="method-source-code" id="scrypt-source">
            <pre>static VALUE
kdf_scrypt(int argc, VALUE *argv, VALUE self)
{
    VALUE pass, salt, opts, kwargs[5], str;
    static ID kwargs_ids[5];
    size_t len;
    uint64_t N, r, p, maxmem;

    if (!kwargs_ids[0]) {
        kwargs_ids[0] = rb_intern_const(&quot;salt&quot;);
        kwargs_ids[1] = rb_intern_const(&quot;N&quot;);
        kwargs_ids[2] = rb_intern_const(&quot;r&quot;);
        kwargs_ids[3] = rb_intern_const(&quot;p&quot;);
        kwargs_ids[4] = rb_intern_const(&quot;length&quot;);
    }
    rb_scan_args(argc, argv, &quot;1:&quot;, &amp;pass, &amp;opts);
    rb_get_kwargs(opts, kwargs_ids, 5, 0, kwargs);

    StringValue(pass);
    salt = StringValue(kwargs[0]);
    N = NUM2UINT64T(kwargs[1]);
    r = NUM2UINT64T(kwargs[2]);
    p = NUM2UINT64T(kwargs[3]);
    len = NUM2LONG(kwargs[4]);
    /*
     * OpenSSL uses 32MB by default (if zero is specified), which is too small.
     * Let&#39;s not limit memory consumption but just let malloc() fail inside
     * OpenSSL. The amount is controllable by other parameters.
     */
    maxmem = SIZE_MAX;

    str = rb_str_new(0, len);
    if (!EVP_PBE_scrypt(RSTRING_PTR(pass), RSTRING_LEN(pass),
                        (unsigned char *)RSTRING_PTR(salt), RSTRING_LEN(salt),
                        N, r, p, maxmem, (unsigned char *)RSTRING_PTR(str), len))
        ossl_raise(eKDF, &quot;EVP_PBE_scrypt&quot;);

    return str;
}</pre>
                              </div>
                            </div>


                          </div>

                          </section>

              </section>
              </main>



            </div>  <!--  class='wrapper hdiv' -->


<footer id="validator-badges" role="contentinfo">
<p><a href="https://validator.w3.org/check/referer">Validate</a></p>
<p>Generated by <a href="https://ruby.github.io/rdoc/">RDoc</a> 6.4.0.</p>
<p>Based on <a href="https://github.com/ged/darkfish/">Darkfish</a> by <a href="http://deveiate.org">Michael Granger</a>.</p>

  
    <p><p><a href="https://ruby-doc.org">Ruby-doc.org</a> is a service of <a href="https://jamesbritt.com">James Britt</a> and <a href="https://neurogami.com">Neurogami</a>, purveyors of fine <a href='https://jamesbritt.bandcamp.com/'>dance noise</a></p>
</p>
  
  </footer>

<script type="text/javascript">


  let ads  = $("#carbonads-container").children().detach();


  function swapMode() {
    var cookieName = 'darkmode';
    var cssDarkmode = Cookies.get(cookieName);
    console.log("***** swapMode! " + cssDarkmode + " *****");


    if (cssDarkmode == "true") {
      console.log("We have dark mode, set the css to light ...");
      $('#rdoccss').attr("href", defaultModeCssHref);
      $('#cssSelect').text("Dark mode");
      cssDarkmode = "false";
      console.log("swapMode! Now set cookie to " + cssDarkmode);
      Cookies.set(cookieName, cssDarkmode);

    } else {
      console.log("We not have dark mode, set the css to dark ...");
      $('#rdoccss').attr("href", darkModeCsseHref);
      $('#cssSelect').text("Light mode");
      cssDarkmode = "true";
      console.log("swapMode! Now set cookie to " + cssDarkmode);
      Cookies.set(cookieName, cssDarkmode);

    }

    console.log("  --------------- ");
  }


const vueCssApp = new Vue({
el: '#menubar',
data: {
isDark: false
},
methods: {
toggleClass: function(event){
this.isDark = !this.isDark;
}
}
})

const vueApp = new Vue({
el: '#vapp',
data: { 
isOpen: true
},

mounted() {
this.handleResize();
this.manage_mob_classes();
window.addEventListener('resize', this.handleResize)
//this.isOpen !=  (/Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i.test(navigator.userAgent));
},
destroyed() {
window.removeEventListener('resize', this.handleResize)
},
created() {
//manage_mob_classes();
},

methods : {
isMobile() {
  return (/Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i.test(navigator.userAgent));
},

  handleResize() {
    if (!this.isMobile()) {
      this.isOpen = window.innerWidth > 800;
    }
  },

  manage_mob_classes() {
    if (/Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i.test(navigator.userAgent)) {
      $("nav").addClass("mob_nav");
      $("main").addClass("mob_main");
      $("#extraz").addClass("mob_extraz");
      $("#carbonads-container").addClass("mob_carbonads-container");
      this.isOpen  = false;
    } else {
      $("nav").removeClass("mob_nav") 
        $("main").removeClass("mob_main");
      $("#extraz").removeClass("mob_extraz");
      $("#carbonads-container").removeClass("mob_carbonads-container");
      this.isOpen  = true;
    }
  },

  toggleNav() {
    this.isOpen =! this.isOpen ;
    // alert("Toggle nav!");
    console.log("toggleNav() click: " + this.isOpen );
  }
}
})

$("#carbonads-container").append(ads);


$(function() {

    var darkmode = Cookies.get("darkmode");
    console.log("Document ready: " + darkmode);

    if ( darkmode  == "true" ) {
      $('#cssSelect').text("Light mode");
    } else {
      $('#cssSelect').text("Dark mode");
     }

    $('body').css('display','block');
    });

</script>

    
  </body> 
</html>

